While checking our your API I've found a serious security flaw, which allows any unauthenticated user to perform any kind of API requests, which basically makes the whole tool and therefore any agents on end hosts exposable to anyone having access to the Caldera REST API.
The following function is responsible for checking authentication in your code:
asyncdefcheck_permissions(self, group, request):
""" Check if a request is allowed based on the user permissions :param request: :return: None """try:
ifrequest.headers.get('KEY') ==self.get_config('api_key'):
returnTrueelifself.bypassinrequest.host:
returnTrueawaitcheck_permission(request, group)
except (HTTPUnauthorized, HTTPForbidden):
raiseweb.HTTPFound('/login')
Basically it allows to bypass authentication if self.bypass is contained within request.host (which is set to localhost: per default). You are using the aiohttp library, in which host is usually the Host header of the http request (see https://docs.aiohttp.org/en/v3.0.1/web_reference.html).
This works fine if you are performing a curl request from localhost for example, but be aware that the HTTP Host header is mutable for any request performed by a user. So if you just overwrite the Host header with "localhost:8888" while performing a request to a public IP for example Caldera assumes you are performing the request to localhost and therefore disables authentication checks.
Here is a POC in Postman:
Body of the request:
Response:
As you can see I've succesfully performed an API request while using a IP within my network and not localhost. I've set the Host header to localhost and were able to fetch details without any authentication.
That really is a serious flaw in the application, if I have running productive agents an attacker can execute arbitrary commands in my network. I'd suggest removing the no-authentication "feature" for requests to localhost completely.
Thanks!
The text was updated successfully, but these errors were encountered:
We put this is for simplicity of debugging/accessing from the local system. Good catch, I have an idea for a patch to keep the capability, but break this flaw.
hi @lukasmahl thanks for the issue post-- we reviewed and agreed that the bypass is not a necessary, so we just dropped it in the latest PR. we'll post some docs around how to use the API key within a browser/header session so folks who use it can still have the convenience on their laptops if they want it.
Hi guys,
While checking our your API I've found a serious security flaw, which allows any unauthenticated user to perform any kind of API requests, which basically makes the whole tool and therefore any agents on end hosts exposable to anyone having access to the Caldera REST API.
The following function is responsible for checking authentication in your code:
Basically it allows to bypass authentication if
self.bypassis contained withinrequest.host(which is set tolocalhost:per default). You are using the aiohttp library, in whichhostis usually the Host header of the http request (see https://docs.aiohttp.org/en/v3.0.1/web_reference.html).This works fine if you are performing a curl request from localhost for example, but be aware that the HTTP Host header is mutable for any request performed by a user. So if you just overwrite the Host header with "localhost:8888" while performing a request to a public IP for example Caldera assumes you are performing the request to localhost and therefore disables authentication checks.
Here is a POC in Postman:

Body of the request:

Response:

As you can see I've succesfully performed an API request while using a IP within my network and not localhost. I've set the Host header to localhost and were able to fetch details without any authentication.
That really is a serious flaw in the application, if I have running productive agents an attacker can execute arbitrary commands in my network. I'd suggest removing the no-authentication "feature" for requests to localhost completely.
Thanks!
The text was updated successfully, but these errors were encountered: